I was setting up a personal PayPal account today and during registration want me to provide answers to two “secret questions”. This is nothing new and usually I just do what Bruce Schneier talks about it his curse; enter gibberish.
Feeling very clever I press the signup button, the result:
Your information is incomplete or incorrect. Please correct the fields below and try again:
- You may not enter numbers in your mother’s maiden name.
- You must enter exactly four numbers or letters for the last four digits of your driver’s license number.
What could possess anyone to do this? This is just plain stupid. PayPal’s password policy forces you to have eight or more characters, but the secret question for your driver’s license doesn’t allow you to have more than four characters.
[tags]security, passwords, authentication[/tags]
Leave a Reply